请求指定协议
调用外部请求的时候,创建httpclient指定协议版本
原SSLv3,TLS1.0的协议版本存在漏洞或安全级别不够,故调用接口协议需要TLSv1.1(包含)以上。
public static CloseableHttpClient createSSLClientDefault() {
SSLContext sslContext = null;
try {
sslContext=SSLContext.getInstance("TLSv1.2");
sslContext.init(null, new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
} }, null);
} catch (NoSuchAlgorithmException e) {
logger.error(e.getMessage(),e);
} catch (KeyManagementException e) {
logger.error(e.getMessage(),e);
}
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
}